[Debian-iot-maintainers] Bug#1001384: Bug#1001384: Acknowledgement (ulfius: Fix ulfius_url_{encode, decode} call malloc instad of o_malloc in stable)
Nicolas Mora
babelouest at debian.org
Thu Dec 9 18:25:42 GMT 2021
See the debdiff attached for the package
-------------- next part --------------
diff -Nru ulfius-2.7.1/debian/changelog ulfius-2.7.1/debian/changelog
--- ulfius-2.7.1/debian/changelog 2021-09-19 15:39:39.000000000 -0400
+++ ulfius-2.7.1/debian/changelog 2021-12-09 08:06:15.000000000 -0500
@@ -1,3 +1,9 @@
+ulfius (2.7.1-1+deb11u2) bullseye; urgency=medium
+
+ * d/patches: Uses o_malloc instead of malloc (Closes: #1001384)
+
+ -- Nicolas Mora <babelouest at debian.org> Thu, 09 Dec 2021 08:06:15 -0500
+
ulfius (2.7.1-1+deb11u1) bullseye; urgency=medium
* d/patches: Fix CVE-2021-40540 (Closes: #994763)
diff -Nru ulfius-2.7.1/debian/patches/malloc.patch ulfius-2.7.1/debian/patches/malloc.patch
--- ulfius-2.7.1/debian/patches/malloc.patch 1969-12-31 19:00:00.000000000 -0500
+++ ulfius-2.7.1/debian/patches/malloc.patch 2021-12-09 08:06:15.000000000 -0500
@@ -0,0 +1,34 @@
+Description: call malloc instead of o_malloc
+Author: Harald Welte <laforge at gnumonks.org>
+Forwarded: not-needed
+--- a/src/u_request.c
++++ b/src/u_request.c
+@@ -143,7 +143,7 @@
+ */
+ static char * url_decode(const char * str) {
+ if (str != NULL) {
+- char * pstr = (char*)str, * buf = malloc(strlen(str) + 1), * pbuf = buf;
++ char * pstr = (char*)str, * buf = o_malloc(strlen(str) + 1), * pbuf = buf;
+ while (* pstr) {
+ if (* pstr == '%') {
+ if (pstr[1] && pstr[2]) {
+--- a/src/ulfius.c
++++ b/src/ulfius.c
+@@ -1796,7 +1796,7 @@
+ char * ulfius_url_encode(const char * str) {
+ char * pstr = (char*)str, * buf = NULL, * pbuf = NULL;
+ if (str != NULL) {
+- buf = malloc(strlen(str) * 3 + 1);
++ buf = o_malloc(strlen(str) * 3 + 1);
+ if (buf != NULL) {
+ pbuf = buf;
+ while (* pstr) {
+@@ -1830,7 +1830,7 @@
+ char * ulfius_url_decode(const char * str) {
+ char * pstr = (char*)str, * buf = NULL, * pbuf = NULL;
+ if (str != NULL) {
+- buf = malloc(strlen(str) + 1);
++ buf = o_malloc(strlen(str) + 1);
+ if (buf != NULL) {
+ pbuf = buf;
+ while (* pstr) {
diff -Nru ulfius-2.7.1/debian/patches/series ulfius-2.7.1/debian/patches/series
--- ulfius-2.7.1/debian/patches/series 2021-09-19 15:39:39.000000000 -0400
+++ ulfius-2.7.1/debian/patches/series 2021-12-09 08:06:15.000000000 -0500
@@ -1,3 +1,4 @@
+malloc.patch
examples.patch
doc.patch
CVE-2021-40540.patch
More information about the Debian-iot-maintainers
mailing list